Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Your site is compromised with injected JavaScript

‎04-23-2018 09:59 AM
‎04-23-2018 09:59 AM

Your site is compromised with injected JavaScript

After enabling minification of Javascript in backend admin , the Magento Security Scan says this for all 2.2.3 sites we have:

"Your site has failed a scan. This means it is vulnerable to attack or already a victim of malicious software. "

"Your site is compromised with injected JavaScript. (60)
The malicious code signature(s) has been found in resources:

" .../static/version..../_cache/merged/.........min.js "

If we disable minification of Javascript in backend admin, the Magento Security Scan says all is OK

Seems this has been previously reported but the issue still persists

Labels:
5 REPLIES 5
‎05-02-2018 10:31 PM
‎05-02-2018 10:31 PM

Re: Your site is compromised with injected JavaScript

Hi @fieldcutter,

 

Thank you for sharing this info!

Maybe this information could be useful for @msavich

‎05-03-2018 06:30 AM
‎05-03-2018 06:30 AM

Re: Your site is compromised with injected JavaScript

Thank you!

I'll take care of this issue.

0 Kudos
‎05-10-2018 11:51 PM
‎05-10-2018 11:51 PM

Re: Your site is compromised with injected JavaScript

It should be fixed now.

‎06-20-2019 03:00 AM
‎06-20-2019 03:00 AM

Re: Your site is compromised with injected JavaScript

@msavich wrote:

It should be fixed now.

This problem has been detected again. Magento ver. 2.2.3

0 Kudos
‎06-26-2019 10:33 PM
‎06-26-2019 10:33 PM

Re: Your site is compromised with injected JavaScript

Where is the solution by the way?

0 Kudos